Exclusive-ICBC Injects Capital Into U.S. Unit, Seeks Cyber Review -Sources

[ad_1]

By Paritosh Bansal, Lananh Nguyen and Davide Barbuscia

NEW YORK/LONDON (Reuters) – Industrial and Commercial Bank of China injected capital into its U.S. unit to pay BNY Mellon $9 billion for unsettled trades and hired a cybersecurity firm to help it return online after a ransomware attack, sources familiar with the matter said.

ICBC said on Thursday it had been hit by a ransomware attack, the latest in a string of ransom demands by hackers this year. ICBC Financial Services, the bank’s U.S. unit, said it was investigating the attack that disrupted some of its systems, and making progress toward recovering from it.

The cyberattack sent ripples through the U.S. Treasuries market, where ICBC acts as a broker for hedge funds and other market participants, helping them trade in the securities.

When the hack happened earlier this week, ICBC was unable to access its systems, leaving it temporarily owing BNY $9 billion for unsettled trades, two of the sources said. The custody bank is the sole settlement agent for U.S. Treasuries.

The Chinese parent then injected capital into the U.S. unit, allowing it to settle the trades and pay back BNY Mellon, the sources said. That has now happened, they said.

ICBC did not respond to a request for comment.

ICBC’s representatives told market participants on a call organized by the Securities Industry and Financial Markets Association (SIFMA), a trade group, on Friday afternoon that they had hired a cybersecurity firm to do an assessment to ensure that its systems are safe, three sources familiar with the matter said.

ICBC said it hopes to be done as soon as this weekend, the sources said, noting that it could take longer, given the complexity of the task.

Meanwhile, ICBC’s computer systems have been isolated from the rest of Wall Street, the sources said. But alternative systems have been put in place to enable trading by ICBC, which involve moving information manually, including by carrying USB sticks with information, two of the sources said.

SIFMA declined to comment.

“These cyberattacks are scary,” said Jack McIntyre, a fixed income portfolio manager at Brandywine. “The good news would be that I guarantee you primary dealers are having (a) discussion to make sure this cannot happen to them. I’m sure everybody’s doing a deep dive on their security systems.”

(Reporting by Harry Robertson, James Pearson, Naomi Rovinick in London, Yoruk Bahceli in Amsterdam, Davide Barbuscia, Chris Prentice, Mike Derby, Carolina Mandl, Laura Matthews and Paritosh Bansal in New York; Zeba Siddiquai in San Francisco; Editing by Megan Davies, Dhara Ranasinghe, Alexander Smith and Richard Chang)

Copyright 2023 Thomson Reuters.

[ad_2]

Source link